Privacy violations can be expensive. We show you the most common mistakes and how to avoid legal warnings from consumer protection associations, competitors, or data protection authorities.

Common violations

Many website operators unknowingly commit privacy violations. The consequences range from costly legal warnings to fines from supervisory authorities.

  • Setting cookies before consent: Tracking starts before user consent is given
  • No real opt-out: The 'Reject' option is hidden or cumbersome
  • Dark patterns: Manipulative design that pushes users to consent
  • External Google Fonts: IP addresses are transmitted to US servers
  • Missing legal basis: Cookies are set without valid consent

Fines and penalties

GDPR allows fines of up to €20 million or 4% of global annual turnover – whichever is higher. Small businesses are not exempt.

  • 2022: €100 fine per user for Google Fonts violations (Munich Regional Court)
  • 2024: Multiple German companies warned for missing cookie banners
  • CNIL France: Multi-million fines against major companies for cookie violations

Legal warning waves

Legal warnings are a popular tool, especially in Germany. Consumer protection associations and specialized lawyers regularly send costly warnings to website operators with inadequate cookie consent.

How to protect yourself

With correct CMP implementation, you can eliminate most risks. Pay particular attention to the following points:

  • Block all cookies until consent is given
  • Offer equivalent options for Accept and Reject
  • Don't use pre-selected checkboxes
  • Host fonts and other external resources locally
  • Conduct regular cookie audits

Prevention is cheaper than fines. A professional CMP solution like Biscotti helps you stay compliant.